Posted by MustLive on Oct 17

Hello list!

These are Cross-Site Scripting vulnerabilities in Megapolis.Portal Manager.

It’s commercial CMS from Softline-IT (earlier Softline), which in
particularly widespread among Ukrainian government sites (including
ministry, parliament, two special services and many other web sites). In
2012 I already wrote about multiple vulnerabilities in Megapolis.Portal
Manager (http://securityvulns.ru/docs28651.html).

These particular…